You have been informed that your organization is hiring an external company to perform an audit for IT operations, maintenance and support, which you are managing. You need to provide documents to the auditor and make sure it meets the compliance requirements. You will also be required to share how different procedures, processes, tools, and techniques are put into place to protect the IT systems against malicious attacks. You will work with the external auditor who will analyze the organization's existing design and operation of internal control processes and possibly recommend improvement in your company's audit process.
What are some of the general controls related to fraud and SOX compliance that are put in place?